From cloud-based backup solutions to high-availability content delivery networks (CDNs), object storage has become an integral part of the modern technology landscape. And, with its small footprint, straightforward interface, and compatibility with multiple cloud storage services, the Minio object storage server packs a lot of function.

This article will walk you through the steps to install the Minio cloud storage server on an Ubuntu machine and configure it as a systemd service. We will also Set up an SSL/TLS certificate using Let's Encrypt to secure communication between the server and the client. Lastly, we will access Minio's browser interface via HTTPS to use and administrate the server.

Prerequisites

One Ubuntu 16.04 server including a sudo non-root user and a firewall.

The following DNS records set up for your Minio server.

An A record with your server name (e.g. minio-server.technocracypk.com) pointing to your object server's IPv4 address.

An AAAA record with your server name pointing to your object server's IPv6 address, if you want your server reachable via IPv6. (Optional)

Installing And Configuring The Minio Server

You can install the Minio server by compiling the source code or via a binary file. In this step, we'll install the server the easiest way—through the binary—and then we'll configure everything afterward.

First, log into your server:

ssh peter@your_server_ip

If you haven't updated the package database recently, update it now:

sudo apt-get update

Next, download the Minio server's binary file:

curl -O https://dl.minio.io/server/minio/release/linux-amd64/minio

A file named minio will be downloaded into your working directory. Make it executable:

MINIO_VOLUMES: Points to the storage directory that you created earlier.

MINIO_OPTS: Modifies the behavior of the server. The -C flag points Minio to the configuration directory it should use, while the --address flag tells Minio the IP address and port to bind to. If the IP address is not specified, Minio will bind to every address configured on the server, including localhost and any Docker-related IP addresses, so it's best to specify the IP address in this file explicitly. The default port is 9000, but you can choose another.

Finally, save and close the environment file when you're finished making changes.

Minio is now installed, so, next, we'll configure the server to run as a system service.

Installing the Minio Systemd Startup Script

In this step, we'll configure the Minio server to be managed as a systemd service. First, download the Minio service descriptor file using the following command:

In this step, we'll use the console-based certificate generation client, Concert, to create an SSL/TLS certificate using the open source Let's Encrypt certificate authority. While there are other ways to generate Let's Encrypt certificates, Concert is both written by Minio's developers and part of the official installation instructions.

First, download Concert with the command:

go get -u github.com/minio/concert

Once complete, a file named concert should be in the bin directory of your GOPATH.

Next, we'll generate the certificate.

Note: To generate the certificate, concert requires that traffic through port 443 be allowed through the firewall.

Run the following command using the --dirs flag to tell Concert the output directory, email address, and domain name you'd like to use:

Restart the Minio server, so that it becomes aware of the certificate and starts using HTTPS:

sudo systemctl restart minio

Since the Let's Encrypt certificate generated is valid for just 90 days and repeatedly renewing it manually would be inefficient, start Concert in server mode to set up a system to auto-renew the certificate:

sudo concert server --dir minio-certs peter@example.com example.com

With that, Minio's connection is now secure, and the SSL/TLS certificate will automatically renew for you. In the next step, you'll connect to Minio through the browser to use and administrate the server.

Securely Connecting to Minio's Web Interface Using HTTPS

In this step, you'll securely connect to the Minio web interface via HTTPS, and then you'll create buckets and upload objects into them.

Access the web interface by pointing your browser to https://example.com:9000.

Next, you'll need to find your login credentials. Minio wrote its configuration file to the /etc/minio directory when you started the server in above Step. That configuration file, config.json, contains the accessKey and secretKey values you'll need to access the server now. Be sure to copy and keep both keys in an easy-to-reach and secure place for the future.

Now, log into the main interface by entering your credentials and clicking the round button with the arrow directly below the input fields.

From there, click the light-red + button on the bottom right of the main interface to bring up two additional yellow buttons.

Click the middle, yellow button and enter a name for your new bucket in the prompt, pressing the ENTER key to save your response. Your new bucket is now ready to be used for storage! When you want to add objects into your bucket, click the same light-red button as before and then click the top, yellow button to open a file-upload prompt.

At this point, you've worked through the entire basic web interface, but beyond just creating buckets and uploading objects, you can also generate new login credentials, set expiration dates on objects' shareable links, and delete objects altogether.

Conclusion

You now have your own object storage server using Minio that you can connect to securely from the web interface using a Let's Encrypt SSL/TLS certificate. Optionally, you may want to look at the Minio desktop clients for FreeBSD, Linux, Mac, and Windows as an alternative way to use and administrate your object storage server.

How To Set Up Minio Cloud Storage Server on Ubuntu 16.04
Reviewed by Mr. WhiteSays
on
August 29, 2017
Rating: 5